If you discover a security vulnerability, please do not open a public issue. Instead, send an email to [security contact].

Please include:

• A description of the vulnerability
• Steps to reproduce the issue
• Any potential impact or exploit scenarios

• Initial response: Within 48 hours
• Detailed assessment: Within 7 days
• Patch release: Based on severity assessment

This package processes PDF files. Consider these security recommendations:

1. File Size Limits: Always configure appropriate maxFileSize limits
2. Worker Source: Use self-hosted PDF.js workers in production
3. Input Validation: Validate file types and sources before processing
4. CSP Headers: Implement proper Content Security Policy headers

For more details, see the Security Considerations section in the README.